CompTIA CySA+ 002

Site: Dublin FIT Apprenticeship
Course: CyberSecurity Apprenticeship
Book: CompTIA CySA+ 002
Date: Wednesday, 10 December 2025, 10:10 AM

Description

This study guide uses a number of common elements to help you prepare for the CompTIA CySA+ final exam.

These include the following: 


Exam Essentials

The exam essentials focus on major exam topics and critical knowledge that you should take into the test. They follow the exam objectives provided by CompTIA.


Review Questions

A set of questions at the end of each chapter will help you assess your knowledge and whether you are ready to take the exam based on your knowledge of that chapter's topics.


Lab Exercises

The written labs provide more in-depth practice opportunities to expand your skills and to better prepare for performance-based testing on the Cybersecurity Analyst+ exam.

1. Building an Incident Response Program

This chapter focuses on building a formal incident response handling program and team. You will learn the details of each stage of incident handling from preparation, to detection and analysis, to containment, eradication, and recovery, to the final post-incident recovery, as well as how to classify incidents and communicate about them.

2. Analyzing Indicators of Compromise

Responding appropriately to an incident requires understanding how incidents occur and what symptoms may indicate that an event has occurred. To do that, you also need the right tools and techniques. In this chapter, you will learn about three major categories of symptoms. First, you will learn about network events, including malware beaconing, unexpected traffic, and link failures, as well as network attacks. Next, you will explore host issues, ranging from system resource consumption issues to malware defense and unauthorized changes. Finally, you will learn about service- and application-related problems.

3. Performing Forensic Analysis and Techniques

Understanding what occurred on a system, device, or network, either as part of an incident or for other purposes, frequently involves forensic analysis. In this chapter, you will learn how to build a forensic capability and how the key tools in a forensic toolkit are used.

4. Designing a Vulnerability Management Program

Managing vulnerabilities helps to keep your systems secure. In this chapter, you will learn how to identify, prioritize, and remediate vulnerabilities using a well-defined workflow and continuous assessment methodologies.

5. Analyzing Vulnerability Scans

Vulnerability reports can contain huge amounts of data about potential problems with systems. In this chapter, you will learn how to read and analyze a vulnerability scan report, what CVSS scoring is and what it means, as well as how to choose the appropriate actions to remediate the issues you have found. Along the way, you will explore common types of vulnerabilities and their impact on systems and networks.

6. Cloud Security

The widespread adoption of cloud computing dramatically impacts the work of cybersecurity analysts who must now understand how to gather, correlate, and interpret information coming from many different cloud sources. In this chapter, you'll learn about how cloud computing impacts businesses and how you can perform threat management in the cloud.

7. Infrastructure Security and Controls

A strong security architecture requires layered security procedures, technology, and processes to provide defense in depth, ensuring that a single failure won't lead to a failure. In this chapter, you will learn how to design a layered security architecture and how to analyze security designs for flaws, including single points of failure and gaps.

8. Identity and Access Management Security

The identities that we rely on to authenticate and authorize users, services, and systems are a critical layer in a defense-in-depth architecture. This chapter explains identity, authentication, and authorization concepts and systems. You will learn about the major threats to identity and identity systems as well as how to use identity as a defensive layer.